Skip to content

nightmare224/digital-library

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
client
client
 
 
deploy
deploy
 
 
docs/images
docs/images
 
 
server
server
 
 
README.md
README.md
 
 

Repository files navigation

Digital Library

Introduction

Digital Library is an implemntaion of How to protect reader lending privacy under a cloud environment: a technical method paper.

There are four components in paper's system model (Figure 1) which is Database(Cloud Database), Server (Cloud Server), Client(Lending Interface, Query Interface), and User (Reader, Worker, Administrator). system-model This implementation chooses PostgreSQL as the Database, which store all the data including reader information, literature information, and lending records. Server is a Flask web application which in charge of making queries in Database, and only Administrator could access Server's APIs. Client is also a Flask web application which make HTTP requests to Server. It is an interface for unprivileged User such as Reader and Worker to make queries through Server in Database. Both Server and Client have Swagger pages for User to interract with their APIs.

Quick Started

The following steps would create three docker containers to represent Server, Client, and Database.

Prerequisite

  • Install Docker engine and Docker compose

    The easiest way is to install Docker Desktop, which includes Docker Compose along with Docker Engine and Docker CLI.

Install

To install Digital Library, follow the below steps:

  1. Clone the Digital Library repository

    git clone https://github.com/nightmare224/digital-library.git

  2. Deploy and run Digital Library

    bash digital-library/deploy/run.sh

Usage

To demostrate the scenario in paper easily, some demo data are inserted in database beforehand. You can play with those data through Server and Client APIs.

Examples

This section would demostrate some scenario that mentioned in paper, and also explain how it works behind the scenes.

Scenario1

Reader(ID: 2019IN013) lends the literature(ID: 1)

Send HTTP POST request to Client API /digitallibrary/client/api/reader/{rid}/record to create record.

scenario1-1

How it works

  1. Reader send POST request to Client API /digitallibrary/client/api/reader/{rid}/record with original reader number (rid) 2019IN013 and literature number (bid) 1.

  2. Inside the Client, it would do query transformation, which would generate ciphertext (rtt) and featured reader number(rid) based on the feature construction process shown in Figure3. The ciphertext is completed by AES encryption and Base64 encode, i.e. Base64Encode(AES(lending time + original reader number))

    feature-construction

  3. Client sends the POST request to Server API /digitallibrary/client/api/reader/{rid}/record with **featured reader number ** (rid) 7PBC52BAB and the ciphertext field (rtt) NPTnTn/sj8R4zuGsBW22ezjgV5DD

    scenario1-2

  4. Server would insert this record into Database

Scenario2

Reader(ID: 2019IN013) get his own lending records

Send HTTP GET request to Client API /digitallibrary/client/api/reader/{rid}/record to get records.

scenario2-1

How it works

  1. Send HTTP GET request to Client API /digitallibrary/client/api/reader/{rid}/record to get records with original reader number (rid) 2019IN013.

  2. Inside the Client, it send HTTP GET request to Server API /digitallibrary/server/api/reader/{rid}/record with featured reader number (rid) 7PBC52BAB. The response of Server would be like:

    [
  {
    "bid": "1",
    "rid": "7PBC52BAB",
    "rtt": "NPTnTn/sj8R4zuGsBW22ezjgV5DD",
    "sta": "202302251946",
    "tid": "1"
  },
  {
    "bid": "2",
    "rid": "7PBC52BAB",
    "rtt": "NPTnT3/sjsR4zuGsBW22ezjjXJDA",
    "sta": "202302252245",
    "tid": "2"
  }
[

  3. To verify whether the records belong to reader 2019IN013, do Base64 decode and AES decrypt on ciphertext field (rtt) . This step is necessary because there is a many-to-one mapping from original reader number to featured reader number, for example, both 2019IN013 and 2018IN113 get 7PBC52BAB after feature construction.

  4. Client gather all the records which belong to reader 2019IN013 and then send HTTP response. The response of Client would be like:

    when verbose = 1

    [
  {
    "bid": "1",
    "rid": "7PBC52BAB",
    "rtt": "NPTnTn/sj8R4zuGsBW22ezjgV5DD",
    "sta": "202302251946",
    "tid": "1",
    "tle": "Nicole Tai",
    "type": "reader"
  }
]

    when verbose = 0

    [
  {
    "bid": "1",
    "rid": "7PBC52BAB",
    "rtt": "NPTnTn/sj8R4zuGsBW22ezjgV5DD",
    "sta": "202302251946",
    "tid": "1"
  }
]

Development

Docker Image

About

For 2023 Data Protection assignment 1

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages